Lucene search
K

46 matches found

Positive Technologies
Positive Technologies
added 2023/06/29 12:0 a.m.7 views

PT-2023-23077 · Unknown · Foundry Issues

Name of the Vulnerable Software and Affected Versions: Foundry Issues affected versions not specified Description: A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query...

4.3CVSS4.4AI score0.00393EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.4 views

Palantir Foundry Issues 安全漏洞

Palantir Foundry Issues is an application from Palantir USA. A security vulnerability exists in Palantir Foundry Issues prior to version 2.497.0 that stems from allowing unauthorized users to retrieve issue metadata from Foundry's notification API...

4.3CVSS5.1AI score0.00393EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.5 views

SUSE CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

8.8CVSS8.8AI score0.03749EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.20 views

Mozilla Firefox Security Advisory (MFSA2014-42) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.3CVSS9.3AI score0.03749EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2020/11/19 9:34 p.m.109 views

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App CWA, would have allowed pre-authenticated remote code execution RCE. Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Security La...

7.8AI score
Exploits0References9
CVE
CVE
added 2020/06/11 6:16 p.m.52 views

CVE-2020-13702

The CVE-2020-13702 entry concerns the Rolling Proximity Identifier used by the Apple/Google Exposure Notification API (beta through 2020-05-29). A secondary temporary UID enables attackers within Beacon/IoT networks to track an individual device’s movements via Bluetooth LE discovery, compromisin...

10CVSS9.2AI score0.02173EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.4 views

The vulnerability of the Firefox browser, which allows a malicious attacker to execute arbitrary code or trigger a service denial.

Mozilla Firefox’s software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a custom ICC profile...

7.8CVSS7.6AI score0.0316EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code.

Mozilla Thunderbird’s software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating the web notification API component...

9.3CVSS7.6AI score0.03749EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.4 views

The vulnerability of the Firefox ESR browser allows a malicious attacker to execute arbitrary code.

Mozilla Firefox ESR software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating the web notification API component...

9.3CVSS7.6AI score0.03749EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.25 views

SUSE SLES11 Security Update : Mozilla Firefox (SUSE-SU-2014:0665-1)

This Mozilla Firefox and Mozilla NSS update fixes several security and non-security issues. Mozilla Firefox has been updated to 24.5.0esr which fixes the following issues : - MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards - MFSA 2014-37/CVE-2014-1523 Out of bounds read while...

9.8CVSS7.3AI score0.07543EPSS
Exploits7References21
OpenVAS
OpenVAS
added 2014/05/06 12:0 a.m.29 views

SeaMonkey Multiple Vulnerabilities-01 (May 2014) - Mac OS X

SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...

9.8CVSS8.3AI score0.07543EPSS
Exploits7References13
OpenVAS
OpenVAS
added 2014/05/06 12:0 a.m.30 views

Mozilla Firefox Multiple Vulnerabilities-01 (May 2014) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS8.3AI score0.07543EPSS
Exploits10References14
Tenable Nessus
Tenable Nessus
added 2014/05/05 12:0 a.m.36 views

SeaMonkey < 2.26 Multiple Vulnerabilities

Binary data 8214.prm...

10CVSS8.2AI score0.07543EPSS
Exploits9References27
NVD
NVD
added 2014/04/30 10:49 a.m.19 views

CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.3CVSS9.1AI score0.03749EPSS
Exploits1References23
ATTACKERKB
ATTACKERKB
added 2014/04/30 10:49 a.m.3 views

CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.3CVSS7.8AI score0.03749EPSS
Exploits1References24
Prion
Prion
added 2014/04/30 10:49 a.m.24 views

Design/Logic Flaw

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.3CVSS7.5AI score0.03749EPSS
Exploits1References23Affected Software16
Cvelist
Cvelist
added 2014/04/30 10:0 a.m.30 views

CVE-2014-1529

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.2AI score0.03749EPSS
Exploits1References23
RedHat Linux
RedHat Linux
added 2014/04/29 10:45 p.m.5 views

Mozilla: Privilege escalation through Web Notification API (MFSA 2014-42)

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.3CVSS7.2AI score0.03749EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2014/04/29 10:15 p.m.4 views

Mozilla: Privilege escalation through Web Notification API (MFSA 2014-42)

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page f...

9.3CVSS7.2AI score0.03749EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2014/04/29 12:0 a.m.38 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2014-34 Miscellaneous memory safety hazards rv:29.0 / rv:24.5 MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer MFSA 2014-36 Web Audio memory corruption issues MFSA 2014-37 Out of bounds read while decoding JPG images MFSA 2014-38...

10CVSS9.2AI score0.07543EPSS
Exploits12References14
Rows per page
Query Builder